peter/ekster
1
0
Fork 0
Code Issues 3 Pull Requests Projects 3 Releases 1 Wiki Activity

Clean up url generation and callback

Browse Source
This commit is contained in:
Peter Stuifzand 2018-07-16 21:05:52 +02:00
parent e596a116bb
commit f3da9da58d
2 changed files with 41 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
cmd/eksterd/http.go
View File

@ -185,6 +185,16 @@ func isLoggedIn(backend *memoryBackend, sess *session) bool {
return true
}
func performIndieauthCallback(r *http.Request, sess *session) (bool, *authResponse, error) {
state := r.Form.Get("state")
if state != sess.State {
return false, &authResponse{}, fmt.Errorf("mismatched state")
}
code := r.Form.Get("code")
return verifyAuthCode(code, sess.RedirectURI, sess.AuthorizationEndpoint)
}
func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
conn := pool.Get()
defer conn.Close()
@ -225,15 +235,7 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
sessionVar := c.Value
sess, err := loadSession(sessionVar, conn)
state := r.Form.Get("state")
if state != sess.State {
w.WriteHeader(http.StatusBadRequest)
fmt.Fprintf(w, "ERROR: Mismatched state\n")
return
}
code := r.Form.Get("code")
verified, authResponse, err := verifyAuthCode(code, sess.RedirectURI, sess.AuthorizationEndpoint)
verified, authResponse, err := performIndieauthCallback(r, &sess)
if err != nil {
fmt.Fprintf(w, "ERROR: %q\n", err)
return
@ -390,10 +392,7 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
return
}
return
} else if r.URL.Path == "/auth/token" {
}
} else if r.Method == http.MethodPost {
if r.URL.Path == "/session" {
c, err := r.Cookie("session")
@ -438,15 +437,9 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
}
saveSession(sessionVar, &sess, conn)
q := authURL.Query()
q.Add("response_type", "id")
q.Add("me", meURL.String())
q.Add("client_id", ClientID)
q.Add("redirect_uri", redirectURI)
q.Add("state", state)
authURL.RawQuery = q.Encode()
authenticationURL := indieauth.CreateAuthenticationURL(*authURL, meURL.String(), ClientID, redirectURI, state)
http.Redirect(w, r, authURL.String(), 302)
http.Redirect(w, r, authenticationURL, 302)
return
} else if r.URL.Path == "/session/logout" {
c, err := r.Cookie("session")

37
pkg/indieauth/auth.go
View File

@ -94,16 +94,9 @@ func Authorize(me *url.URL, endpoints Endpoints, clientID, scope string) (TokenR
redirectURI := fmt.Sprintf("http://%s/", local)
state := util.RandStringBytes(16)
q := authURL.Query()
q.Add("response_type", "code")
q.Add("me", me.String())
q.Add("client_id", clientID)
q.Add("redirect_uri", redirectURI)
q.Add("state", state)
q.Add("scope", scope)
authURL.RawQuery = q.Encode()
authorizationURL := CreateAuthorizationURL(*authURL, me.String(), clientID, redirectURI, state, scope)
log.Printf("Browse to %s\n", authURL.String())
log.Printf("Browse to %s\n", authorizationURL)
shutdown := make(chan struct{}, 1)
@ -164,3 +157,29 @@ func Authorize(me *url.URL, endpoints Endpoints, clientID, scope string) (TokenR
return tokenResponse, nil
}
func CreateAuthenticationURL(authURL url.URL, meURL, clientID, redirectURI, state string) string {
q := authURL.Query()
q.Add("response_type", "id")
q.Add("me", meURL)
q.Add("client_id", clientID)
q.Add("redirect_uri", redirectURI)
q.Add("state", state)
authURL.RawQuery = q.Encode()
return authURL.String()
}
func CreateAuthorizationURL(authURL url.URL, meURL, clientID, redirectURI, state, scope string) string {
q := authURL.Query()
q.Add("response_type", "code")
q.Add("me", meURL)
q.Add("client_id", clientID)
q.Add("redirect_uri", redirectURI)
q.Add("state", state)
q.Add("scope", scope)
authURL.RawQuery = q.Encode()
return authURL.String()
}